subsys/random: Add cryptographically secure random test cases
Updated tests/crypto/rand32/ to include cryptographic test cases. Added config file for rand32_ctr_drbg generator. Signed-off-by: David Leach <david.leach@nxp.com>
This commit is contained in:
David Leach
Kumar Gala
parent
afdc63f320
commit
1bb1b3e6a0
3 changed files with 53 additions and 3 deletions
3
tests/crypto/rand32/prj_ctr_drbg.conf
Normal file
3
tests/crypto/rand32/prj_ctr_drbg.conf
Normal file
|
|
@ -0,0 +1,3 @@
|
||||||
|
CONFIG_ZTEST=y
|
||||||
|
CONFIG_LOG=y
|
||||||
|
CONFIG_ENTROPY_GENERATOR=y
|
||||||
|
|
@ -32,6 +32,7 @@ void test_rand32(void)
|
||||||
u32_t gen, last_gen;
|
u32_t gen, last_gen;
|
||||||
int rnd_cnt;
|
int rnd_cnt;
|
||||||
int equal_count = 0;
|
int equal_count = 0;
|
||||||
|
u32_t buf[N_VALUES];
|
||||||
|
|
||||||
/* Test early boot random number generation function */
|
/* Test early boot random number generation function */
|
||||||
last_gen = z_early_boot_rand32_get();
|
last_gen = z_early_boot_rand32_get();
|
||||||
|
|
@ -64,14 +65,55 @@ void test_rand32(void)
|
||||||
zassert_false((equal_count > N_VALUES / 2),
|
zassert_false((equal_count > N_VALUES / 2),
|
||||||
"random numbers returned same value with high probability");
|
"random numbers returned same value with high probability");
|
||||||
}
|
}
|
||||||
|
|
||||||
|
printk("Generating bulk fill random numbers\n");
|
||||||
|
memset(buf, 0, sizeof(buf));
|
||||||
|
sys_rand_get((u8_t *)(&buf[0]), sizeof(buf));
|
||||||
|
|
||||||
|
for (rnd_cnt = 0; rnd_cnt < (N_VALUES - 1); rnd_cnt++) {
|
||||||
|
gen = buf[rnd_cnt];
|
||||||
|
if (gen == last_gen) {
|
||||||
|
equal_count++;
|
||||||
|
}
|
||||||
|
last_gen = gen;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (equal_count > N_VALUES / 2) {
|
||||||
|
zassert_false((equal_count > N_VALUES / 2),
|
||||||
|
"random numbers returned same value with high probability");
|
||||||
|
}
|
||||||
|
|
||||||
|
#if defined(CONFIG_CSPRING_ENABLED)
|
||||||
|
|
||||||
|
printk("Generating bulk fill cryptographically secure random numbers\n");
|
||||||
|
|
||||||
|
memset(buf, 0, sizeof(buf));
|
||||||
|
sys_csrand_get(buf, sizeof(buf));
|
||||||
|
|
||||||
|
for (rnd_cnt = 0; rnd_cnt < (N_VALUES - 1); rnd_cnt++) {
|
||||||
|
gen = buf[rnd_cnt];
|
||||||
|
if (gen == last_gen) {
|
||||||
|
equal_count++;
|
||||||
|
}
|
||||||
|
last_gen = gen;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (equal_count > N_VALUES / 2) {
|
||||||
|
zassert_false((equal_count > N_VALUES / 2),
|
||||||
|
"random numbers returned same value with high probability");
|
||||||
|
}
|
||||||
|
|
||||||
|
#else
|
||||||
|
|
||||||
|
printk("Cryptographically secure random number APIs not enabled\n");
|
||||||
|
|
||||||
|
#endif /* CONFIG_CSPRING_ENABLED */
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
void test_main(void)
|
void test_main(void)
|
||||||
{
|
{
|
||||||
ztest_test_suite(common_test,
|
ztest_test_suite(common_test, ztest_unit_test(test_rand32));
|
||||||
ztest_unit_test(test_rand32)
|
|
||||||
);
|
|
||||||
|
|
||||||
ztest_run_test_suite(common_test);
|
ztest_run_test_suite(common_test);
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -11,3 +11,8 @@ tests:
|
||||||
filter: CONFIG_ENTROPY_HAS_DRIVER
|
filter: CONFIG_ENTROPY_HAS_DRIVER
|
||||||
tags: crypto security
|
tags: crypto security
|
||||||
min_ram: 16
|
min_ram: 16
|
||||||
|
crypto.rand32.random_ctr_drbg:
|
||||||
|
extra_args: CONF_FILE=prj_ctr_drbg.conf
|
||||||
|
filter: CONFIG_ENTROPY_HAS_DRIVER
|
||||||
|
tags: crypto security
|
||||||
|
min_ram: 16
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue